CVE-2011-5080
https://notcve.org/view.php?id=CVE-2011-5080
Cross-site scripting (XSS) vulnerability in lib/class.tx_jftcaforms_tceFunc.php in the Additional TCA Forms (jftcaforms) extension before 0.2.1 for TYPO3 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en lib/class.tx_jftcaforms_tceFunc.php en la extensión Additional TCA Forms (jftcaforms) v0.2.1 para TYPO3, permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados. • http://forge.typo3.org/projects/extension-jftcaforms/repository/diff?rev=51637&rev_to=51568 http://osvdb.org/78800 http://typo3.org/teams/security/security-bulletins/typo3-extensions/typo3-ext-sa-2012-001 http://www.securityfocus.com/bid/51854 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •